CVE-2026-43350
A flaw was found in the Linux kernel CIFS/SMB client when parsing DACLs parsedacl. An ACE could match the Unix NFS mode SID prefix with only two subauthorities; code then read subauth2 for mode bits, accessing four bytes past the end of the ACE buffer. Upstream requires numsubauth = 3 before...